« Trojan.Busky
Trojan.FakeXPA »

Sus.Behav

No Comments
GoldSparrow By GoldSparrow in Malware | 62 views
Rate it:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...

Sus.Behav Description

Sus.Behav is a malware that installs itself onto a computer under deceptive pretences, infiltrating a system without user knowledge or permission. Officially categorized as a file, displaying suspicious behavior, Sus.Behav should not be trusted. Sus.Behav may typically be downloaded unknowingly from malicious websites, freeware and shareware, and peer-to-peer networks. Sus.Behav can cause registry files to go missing, corrupt files to re-open after being erased, unwanted web browser components, changes in Internet settings and decreased system speeds.

Type: Malware

How Can You Detect Sus.Behav?

 
 

Download SpyHunter’s Detection Scanner
to Detect Sus.Behav.

 
 

Sus.Behav has typically the following processes in memory:

  • EntriqMediaServer.exe
  • opnonkhe.dll
  • FGSHEL~1.DLL
  • CarboniteSetupLitePBPreInstaller.exe
  • fpfstb.dll
  • DWRCS.EXE
  • alt.exe.exe
  • cbXPiFwT.dll
  • ERCUtil.dll
  • ccleaner.exe
  • CarbonitePreinstaller.exe
  • xfire.exe
  • SpySweeperUI.exe
  • tuvVLcay.dll
  • rqRiiHXQ.dll
  • av2009.exe
  • tbaction.exe

Sus.Behav creates the following registry entries:

  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\opnonkhe
  • RUNNING PROGRAM\EXPLORER.EXE
  • HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ 29247207685934936530823877733220
  • RUNNING PROGRAM\DWRCS.EXE
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ TBAction
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ PromoReg
  • RUNNING PROGRAM\winlogon.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ CarboniteSetupLite
  • RUNNING PROGRAM\xfire.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINDOWS\APPINIT_DLLS\ AppInit_DLLs
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ SpySweeper
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\tuvVLcay
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__c00135A8
  • HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ ccleaner
  • RUNNING PROGRAM\EntriqMediaServer.exe

Important Article Disclaimer

ESG Support Center

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Furl
  • StumbleUpon
  • Technorati
  • YahooMyWeb
This entry was posted on 06/26/09 and is filed under Malware. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Comment

Note: Abusive comments are not allowed. Please do not post comments regarding technical support issues. ESG customers that have issues with SpyHunter should open a customer support ticket.

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word

Top Malware

Recommended Products

Featured Videos

Poll

How much money have you spent trying to rid your PC of spyware?
View Results

Recent Articles

Top FAQs


Archives

Home Sitemap RSS Feed Privacy Policy End User License Agreement Copyright 2003-2010. Enigma Software Group USA, LLC. All Rights Reserved.